On Fri, Apr 4, 2014 at 2:25 PM, Craig Young <[email protected]> wrote: > SOHO router security is quite bad. This is far from an isolated ping > injection as most home routers don't bother to sanitize input going to > ping functionality.
in case that wasn't clear, multiple international SOHO router hardware shops are releasing products where any arbitrary web CGI element can lead to elevated arbitrary execution on device... just a few escapes away. not a great security posture to start 2014! best regards, _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
